Set up ID token permissions with SvelteKit

Follow the following steps to start configure your authentication endpoint and start building your own security logic.

Quickstart

1. Install the liveblocks/node package

   Terminal

   npm install @liveblocks/node

2. Set up authentication endpoint

   Users can only interact with rooms they have access to. You can configure permission access in an api/liveblocks-auth endpoint by creating the src/routes/api/liveblocks-auth/+server.ts file with the following code. This is where you will implement your security and define if the current user has access to a specific room.

   src/routes/api/liveblocks-auth/+server.ts

   import { type RequestEvent } from "@sveltejs/kit";import { Liveblocks } from "@liveblocks/node";
   const liveblocks = new Liveblocks({  secret: "sk_prod_xxxxxxxxxx…xxxxxxxxsk_prod_xxxxxxxxxxxxxxxxxxxxxxxx",});
   export async function POST({ request }: RequestEvent) {  // Get the current user from your database  const user = __getUserFromDB__(request);
     // Identify the user and return the result  const { status, body } = await liveblocks.identifyUser(    {      userId: user.id,      groupIds, // Optional    },    { userInfo: user.metadata },  );
     return new Response(body, { status });}

3. Set up the client

   On the front end, you can now replace the publicApiKey option with authEndpoint pointing to the endpoint you just created.

   liveblocks.config.ts

   import { createClient } from "@liveblocks/client";
   const client = createClient({  authEndpoint: "/api/liveblocks-auth",});

   If you need to pass custom headers or data to your endpoint, you can use authEndpoint as a callback instead.

   liveblocks.config.ts

4. Set permission accesses to a room

   A room can have defaultAccesses, usersAccesses, and groupsAccesses defined. Permissions are then checked when users try to connect to a room. For security purposes, room permissions can only be set on the back-end through @liveblocks/node or our REST API. For instance, you can use liveblocks.createRoom to create a new room with read-only public access levels while giving write access to specific groups and users.

   import { Liveblocks } from "@liveblocks/node";
   const liveblocks = new Liveblocks({  secret: "sk_prod_xxxxxxxxxx…xxxxxxxxsk_prod_xxxxxxxxxxxxxxxxxxxxxxxx",});
   const room = await liveblocks.createRoom("my-room-id", {  defaultAccesses: ["room:read", "room:presence:write"],  groupsAccesses: {    "my-group-id": ["room:write"],  },  usersAccesses: {    "my-user-id": ["room:write"],  },});

   For more information, make sure to read the section on room permissions.

More information

Both userId and userInfo can then be used in your Svelte application as such:

const self = room.getSelf();console.log(self.id);console.log(self.info.color);